If you like FIFA Ultimate Team as we do, have you ever thought what would happen if you lose all your squad instantly?
Know and follow the safety recommendations of EA Sports.
The majority of people playing Ultimate Team are honest. Unfortunately, there are a very small percentage of individuals who are cheats, and they are looking to steal your account information.
This article will help you keep your Ultimate Team safer, and avoid falling for some of the scams cheaters use to try and steal information.
FIFA Ultimate Team: Play Safely!
How to protect your FIFA Ultimate Team
To help reduce your chance of being phished, follow these rules:
- Always double check the sign-in URL starts with: http://www.ea.com;
- Always make sure the URL does not redirect to another site;
- Never click links in emails asking for account information or claiming your account has been compromised;
- Never give out your information through the forums or your console.
EA will never ask you for you login information. There are no exceptions to this rule. Even if you receive an email that looks like it’s coming from EA, if it asks for your account information it’s a scam.
Which Tactics the Scammers Use
The Scammers use several tactics to get your account details. Know them:
- Fake emails and copycat websites
You receive an email that appears to be from EA concerning an Ultimate Team promotion. You click on the link in the email, go to what appears to be the Ultimate Team login page, and enter your account name and password. Two days later you discover all the gold players you’ve worked so hard for have disappeared.
Sound familiar? Hopefully not, as the person above was just phished. Phishing is a way of tricking someone into giving up valuable information (like your account name and password) by landing on a fake website and entering in your account details. As the majority of phishing websites look identical to the real thing, most users don’t even realize they’ve been phished until it’s too late.
While the site above may look identical to the official EASPORTSFootball.com site, it isn’t. How to spot the difference? The URL. The official EA website uses the following URL: http://www.ea.com/. Any other similar looking URL is not official and should not be clicked on.
Redirecting is a technique where a scammer embeds something in a link that takes you to the real site to begin with, but then moves you to a fake page that looks identical. There are many examples of this, but one simple thing to look out for in your address bar would be: http://www.ea.com/redirect?url=http://fakesite.com
Note the “redirect?” part of the URL. This means you go to a different site than official EA one. EA will never redirect you from http://www.ea.com/ to another site.
- Scare tactics
Another common tactic involves scaring you into thinking your account has been compromised when it actually hasn’t. You may receive a message saying something like: “Your account has been temporarily suspended due to suspicious activity. Please login here to see more information.” This is another attempt to get you to give up your username and password. As always, the end result its directing you to a site other than http://www.ea.com.
EA will never send you emails claiming your account has been compromised. EA will never contact you via ANY means asking for this information.
- Contact on Forums
If you ever receive a private message in the forums asking for your account information, it is fake. Scammers will even use names that sound legitimate, such as “EA Admin” or “FIFA Developer”. Again, EA will never ask you for your account info.
If you do receive a message like this report it to one of the forum moderators. Those responsible for sending messages of this kind will suffer swift justice – justice that could affect more than just their forum privileges, up to and including a full console ban.
- Contact on your console
If you ever receive a private message through your console’s online messaging system asking for your account information, it is fake. EA will never contact you through your console’s messaging system for any reason. Do not give out your details and report the details of this message using the built-in report tool.
- False FUT Web
Scammers are using Shared Squad links to try to phish information. Remember: you don’t need to be logged into to your EA account to view a Shared Squad. Shared Squads can be viewed by anyone, and like every other official link, they always start with http://www.ea.com.
If you’re trying to view a Shared Squad and are redirected to a sign page, it’s a scam. Do not proceed any further.
Extra to the steps listed above, here are some additional precautions you can take to ensure your information is protected:
- Preview links
Before you click on a link, preview where it is taking you by hovering over it with your mouse cursor. In some browsers the link location will be displayed at the bottom of your browser window.
- Home computer – passwords and bookmarks
Set your browser to remember your password for EA sites. This way, it will auto-fill the login form every time you visit the site. If you unknowingly go to a phishing site, the username and password will not be filled in, so you will know it’s a fake. Be sure to only do this on your home computer.
- Public computers
If you login from a public computer, such as at a school or a coffee shop, double check that your login information isn’t being saved by the browser. Be sure to delete the browser cache after you logout as well.
- Password integrity
While not directly related to phishing, updating and maintaining your passwords is an important part of online security. Use the following suggestions to help develop a password that is harder to guess:
- EA IDs only require 4 characters, but you should use at least 8. Use a combination of letters, numbers, and special characters;
- Use different passwords for your EA account, console login, and email;
- Change your passwords often;
- Do not use any information in your password that could easily be obtained (like your Gamertag/PSN name or FUT Squad);
- Delete any emails that contain password information after writing it down in a safe place.
- Browsers Tools
These browser tools and plugins will not stop all phishing sites. Unsafe website lists are used to keep track of phishing sites. These tools can also help you avoid sites that attempt to install malicious software without you knowing.
Many major browsers have built-in phishing filters. Ensure that they are enabled. You can also check a website’s security by using this Google diagnostic: http://www.google.com/safebrowsing/diagnostic?site=easports.com
The Web of Trust is a plugin that is available for all operating systems. It can be installed on Firefox, Chrome, Internet Explorer, Safari and Opera. It uses a stoplight-style rating system to warn against unsafe sites. It will install an icon beside your browsers’ address bar, as well as links and search engine results. This plugin is very useful, and successfully blocked a known EA phishing site.
This article was based on Safety Recommendations of EA Sports.
FIFA Ultimate Team: Play Safely!
If unfortunately you read this article too late and suffered a phishing attack, find out what you should do.